Cyber-Attacks Expected Following Belgium Bombings

Recent terror attacks in Brussels conducted by terrorists linked to the Islamic State are expected to spawn multiple cyber-attacks against high-profile websites and targets such as government and media in Belgium, researchers say.

According to a Special Intelligence Report from cyber risk management firm Cytegic, there is a heightened threat level in Belgium and Western Europe on the cyber front. The report explains that this is the continuation of a trend of cyber-attacks observed following major terrorist events in Western Europe, such as the November 2015 Paris terrorist attacks.

Following the Islamic terrorist attacks, cyber activity levels were observed increasing in the attacked country, and according to Cytegic, while these levels lasted for a few weeks, they peaked the week after the attacks. Moreover, the researchers explain that denial-of-service, defacements, email social engineering and malware injections represent the most used attack methods in these circumstances.

Following terrorist attacks, the most active cyber groups include political activists, such as Anonymous and its affiliates, along with political cyber-warriors, which are nation-states or nation-backed attackers, and cyber-terrorists, which usually include hackers that are affiliating themselves with the Islamic State (also known as IS or ISIS).

Based on previous observations, Cytegic's report (PDF) suggests that the cyber-attacks expected to occur in the days ahead will likely target mainly the government, media, banking and finance, critical infrastructure, military and defense industries.

The report also reveals that political activists have already started to organize for a new anti-ISIS campaign, which should be a continuation of the #OpISIS campaign launched following the Paris attacks. At that time, the forces that clashed in a cyber-war involved the French government, Anonymous and its affiliates on one side, and pro-ISIS hacktivists and sensationalists on the other.

Attacks on ISIS supporting websites and social-media accounts are expected to occur and intensify in the next few days, including denial-of-service attacks, defacements, website redirections and taking down Twitter accounts. Previously, attackers also tried to hack ISIS related websites and users to grab data related mostly to recruiting.

Cyber-terrorists, on the other hand, are expected to target critical infrastructure to cause chaos and physical and financial damage, as well as to continue focusing on placing so called “doomsday buttons” in critical infrastructure targets, Cytegic says.

In the coming weeks, high-profile organizations in Belgium and Western Europe, mainly from the government, media, banking and defense sectors could be targeted by cyber-attacks, the security company notes. Thus, they should prepare for DDoS, social-engineering and malware threats on their websites, networks and employees.

The Paris terrorist attacks in November were not only followed by these types of cyber-attacks, but also fueled debate on encryption, as it was discovered that terrorists were using encrypted communication services. CIA Director John Brennan said at the time that attackers are using technologies that make it difficult for law enforcement to have the insight they need.